In addition to Kinesis Data Firehose, the ExtraHop sensor also supports direct Route 53 DNS logs. To do this, VPC Flow Logs are published directly to Kinesis Data Firehose, sent to an AWS Lambda function, and then forwarded to the sensor. Reveal(x) 360 gathers log data via a virtual flow sensor.

How the Integration Works

AWS customers can now publish VPC Flow Logs directly to Kinesis Firehose and use an AWS Lambda function to send real-time streaming data to the Reveal(x) 360 sensor for advanced attack detection in the cloud. ExtraHop eliminates these challenges by combining real-time analysis of flow logs, packets, and protocols in a unified interface to provide the most accurate, real-time threat defense for cloud environments while eliminating friction for security teams. They're also an excellent data source for monitoring and analyzing network traffic; however, most security organizations don't leverage VPC Flow Logs for real-time analysis, which can limit their efficacy. VPC Flow Logs are an important telemetry source because they enable the SOC to have greater visibility into traffic flowing across a virtual private cloud (VPC).

This added depth and breadth of network telemetry enables the Security Operations Center (SOC) to visualize, investigate, and respond to hotspots of malicious activity in a single management pane. Flexible deployment options make it simpler for security teams to use flow logs for broad cloud network coverage and packets for deep forensic investigation. Users can also take a multi-layered approach to AWS security by using both flow log and packet data sources to defend against advanced threats. This new method of ingesting flow logs removes a layer of friction and lowers total cost of ownership (TCO).
With the new Kinesis Data Firehose capability, AWS customers using partner solutions such as Reveal(x) 360 can go beyond CloudWatch Logs and S3 to easily and reliably stream their VPC Flow Logs data with minimal infrastructure setup and management.

What the Integration Means for ExtraHop Customers

ExtraHop customers can now stream gigabytes per second of VPC Flow Log data into Reveal(x) 360 monitoring and analysis without the need to leverage CloudWatch as a go-between. Kinesis Data Firehose is a fully managed service that makes it easier to capture, transform, and load massive volumes of streaming data into numerous data sources. This means that ExtraHop customers can now seamlessly integrate VPC Flow Logs with ExtraHop Reveal(x) 360 for advanced threat detection in AWS.